path: root/wpa_supplicant/ChangeLog
Commit message | Author | Age | Files | Lines
* Preparations for 0.6.10 release [hostap_0_6_10] | Jouni Malinen | 2010-01-12 | 1 | -1/+13
* Fix SHA-256-based KDF when using CCMP as the pairwise cipher | Jouni Malinen | 2009-04-20 | 1 | -0/+5
  IEEE 802.11r KDF uses key length in the derivation and as such, the PTK length must be specified correctly. The previous version was deriving using 512-bit PTK regardless of the negotiated cipher suite; this works for TKIP, but not for CCMP. Update the code to use proper PTK length based on the pairwise cipher. This fixed PTK derivation for both IEEE 802.11r and IEEE 802.11w (when using AKMP that specifies SHA-256-based key derivation). The fixed version does not interoperate with the previous versions. [Bug 307]
  (cherry picked from commit c0a6190815ce37450fc348d4d09b2a0153478fc0)
  Conflicts: wpa_supplicant/ChangeLog
* Preparation for 0.6.9 release [hostap_0_6_9] | Jouni Malinen | 2009-03-23 | 1 | -1/+1
* Fix IEEE 802.11r key derivation function to match with the standard | Jouni Malinen | 2009-03-22 | 1 | -0/+2
  IEEE Std 802.11r-2008, starts the 'i' counter from 1, not 0. Note: this breaks interoperability with previous versions. [Bug 303]
  (cherry picked from commit 4cb0dcd92d560674865a951010bed5054f3fd26c)
  Conflicts: wpa_supplicant/ChangeLog
* driver_ndis: Add PAE group address to the multicast address | Jouni Malinen | 2009-03-11 | 1 | -0/+4
  This is done with wired interfaces to fix IEEE 802.1X authentication when the authenticator uses the group address (which should be happening with wired Ethernet authentication). This allows wpa_supplicant to complete wired authentication successfully on Vista with a NDIS 6 driver, but the change is likely needed for Windows XP, too.
  (cherry picked from commit c472ef754d81792959f8d678a71b6f49a5856c2e)
  Conflicts: src/drivers/driver_ndis.c wpa_supplicant/ChangeLog
* Preparations for v0.6.8 release [hostap_0_6_8] | Jouni Malinen | 2009-02-15 | 1 | -1/+1
* Fixed scan buffer increasing with WEXT | Jouni Malinen | 2009-02-08 | 1 | -0/+2
  We can now handle up to 65535 byte result buffer which is the maximum due to WEXT using 16-bit length field. Previously, this was limited to 32768 bytes in practice even though we tried with 65536 and 131072 buffers which we just truncated into 0 in the 16-bit variable. This more or less doubles the number of BSSes we can receive from scan results.
  (cherry picked from commit 42f1ee7d1fae8a67a2a48adfda19f9aafc3fef32)
  Conflicts: hostapd/driver_nl80211.c
* Increased wpa_cli/hostapd_cli ping interval and made it configurable | Jouni Malinen | 2009-02-08 | 1 | -0/+4
  The default interval is now 5 seconds (used to be 1 second for interactive mode and 2 seconds for wpa_cli -a). The interval can be changed with -G<seconds> command line option.
  (cherry picked from commit 1cc84c1c6b702898fcf1a9b19fb060f88fba9245)
* Preparations for 0.6.7 release | Jouni Malinen | 2009-01-06 | 1 | -1/+1
* Added a note about IEEE 802.11w/D7.0 update | Jouni Malinen | 2008-12-26 | 1 | -0/+1
* Added a ChangeLog entry about the new Windows installer | Jouni Malinen | 2008-12-25 | 1 | -0/+4
* IANA allocated EAP method type 51 to EAP-GPSK | Jouni Malinen | 2008-12-20 | 1 | -0/+1
* Fixed PSK editing in wpa_gui (copy-paste bug in field names) | Jouni Malinen | 2008-12-18 | 1 | -0/+1
* Fixed interoperability issue with PEAPv0 cryptobinding and NPS | Jouni Malinen | 2008-12-14 | 1 | -0/+2
  Windows Server 2008 NPS gets very confused if the TLS Message Length is not included in the Phase 1 messages even if fragmentation is not used. If the TLS Message Length field is not included in ClientHello message, NPS seems to decide to use the ClientHello data (excluding first six octets, i.e., EAP header, type, Flags) as the OuterTLVs data in Cryptobinding Compound_MAC calculation (per PEAPv2; not MS-PEAP). Let's add the TLS Message Length to PEAPv0 Phase 1 messages to get rid of this issue. This seems to fix Cryptobinding issues with NPS and PEAPv0 is now using optional Cryptobinding by default (again) since there are no known interop issues with it anymore.
* driver_test: Optional support for using UDP socket | Jouni Malinen | 2008-12-12 | 1 | -0/+1
  driver_test can now be used either over UNIX domain socket or UDP socket. This makes it possible to run the test over network and makes it easier to port driver_test to Windows.
  hostapd configuration: test_socket=UDP:<listen port>
  wpa_supplicant configuration: driver_param=test_udp=<dst IP addr>:<port>
* Merged EAP-AKA' into eap_aka.c and added it to defconfig/ChangeLog | Jouni Malinen | 2008-12-07 | 1 | -0/+2
* WPS: Added note about update_config and added WPS to ChangeLog | Jouni Malinen | 2008-11-30 | 1 | -0/+10
* Preparations for 0.6.6 release [hostap_0_6_6] | Jouni Malinen | 2008-11-23 | 1 | -1/+1
* Fixed canceling of PMKSA caching with driver generated RSN IE | Jouni Malinen | 2008-11-21 | 1 | -0/+3
  It looks like some Windows NDIS drivers (e.g., Intel) do not clear the PMKID list even when wpa_supplicant explicitly sets the list to be empty. In such a case, the driver ends up trying to use PMKSA caching with the AP and wpa_supplicant may not have the PMK that would be needed to complete 4-way handshake. RSN processing already had some code for aborting PMKSA caching by sending EAPOL-Start. However, this was not triggered in this particular case where the driver generates the RSN IE. With this change, this case is included, too, and the failed PMKSA caching attempt is cleanly canceled and wpa_supplicant can fall back to full EAP authentication.
* Add RoboSwitch driver interface for wpa_supplicant | Jouke Witteveen | 2008-11-18 | 1 | -0/+2
  Find attached the patch that creates a new driver: roboswitch. This driver adds support for wired authentication with a Broadcom RoboSwitch chipset. For example it is now possible to do wired authentication with a Linksys WRT54G router running OpenWRT.
  LIMITATIONS
  - At the moment the driver does not support the BCM5365 series (though adding it requires just some register tweaks).
  - The driver is also limited to Linux (this is a far more technical restriction).
  - In order to compile against a 2.4 series you need to edit include/linux/mii.h and change all references to "u16" in "__u16". I have submitted a patch upstream that will fix this in a future version of the 2.4 kernel. [These modifications (and more) are now included in the kernel source and can be found in versions 2.4.37-rc2 and up.]
  USAGE
  - Usage is similar to the wired driver. Choose the interfacename of the vlan that contains your desired authentication port on the router. This name must be formatted as <interface>.<vlan>, which is the default on all systems I know.
* Updated userspace MLME instructions for current mac80211 | Jouni Malinen | 2008-11-18 | 1 | -0/+3
  Remove the old code from driver_wext.c since the private ioctl interface is never going to be used with mac80211. driver_nl80211.c has an implementation that can be used with mac80211 (with two external patches to enable userspace MLME configuration are still required, though).
* OpenSSL 0.9.9 API change for EAP-FAST session ticket overriding API | Jouni Malinen | 2008-11-16 | 1 | -0/+4
  Updated OpenSSL code for EAP-FAST to use an updated version of the session ticket overriding API that was included into the upstream OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is needed with that version anymore).
* Added an optional mitigation mechanism for certain attacks against TKIP by | Jouni Malinen | 2008-11-08 | 1 | -0/+4
  delaying Michael MIC error reports by a random amount of time between 0 and 60 seconds if multiple Michael MIC failures are detected with the same PTK (i.e., the Authenticator does not rekey PTK on first failure report). This is disabled by default and can be enabled with a build option CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config. This may help in making a chopchop attack take much longer time by forcing the attacker to wait 60 seconds before knowing whether a modified frame resulted in a MIC failure.
* Fixed EAP-AKA RES Length field in AT_RES as length in bits, not bytes | Jouni Malinen | 2008-11-07 | 1 | -0/+2
* Added support for enforcing frequent PTK rekeying | Jouni Malinen | 2008-11-06 | 1 | -0/+3
  Added a new configuration option, wpa_ptk_rekey, that can be used to enforce frequent PTK rekeying, e.g., to mitigate some attacks against TKIP deficiencies. This can be set either by the Authenticator (to initiate periodic 4-way handshake to rekey PTK) or by the Supplicant (to request Authenticator to rekey PTK). With both wpa_ptk_rekey and wpa_group_rekey (in hostapd) set to 600, TKIP keys will not be used for more than 10 minutes which may make some attacks against TKIP more difficult to implement.
* Added Milenage-GSM simulator for EAP-SIM | Jouni Malinen | 2008-11-06 | 1 | -4/+4
  CONFIG_SIM_SIMULATOR=y in .config and password="Ki:OPc" in network config to enable.
* Added Milenage USIM emulator for EAP-AKA (can be used to simulate test | Jouni Malinen | 2008-11-05 | 1 | -0/+6
  USIM card with a known private key; enable with CONFIG_USIM_SIMULATOR in .config and password="Ki:OPc:SQN" in network configuration).
* Preparations for 0.6.5 release [hostap_0_6_5] | Jouni Malinen | 2008-11-01 | 1 | -1/+1
* wpa_gui-qt4: Added support for configuring Phase 2 method | Jouni Malinen | 2008-10-01 | 1 | -0/+2
* FT: Fixed FTIE for authentication after a failed association | Jouni Malinen | 2008-09-01 | 1 | -0/+2
* Added support for using SHA256-based stronger key derivation for WPA2 | Jouni Malinen | 2008-08-31 | 1 | -0/+2
  IEEE 802.11w/D6.0 defines new AKMPs to indicate SHA256-based algorithms for key derivation (and AES-CMAC for EAPOL-Key MIC). Add support for using new AKMPs and clean up AKMP processing with helper functions in defs.h.
* IEEE 802.11w: Added association ping | Jouni Malinen | 2008-08-31 | 1 | -0/+1
  This updates management frame protection to use the association ping process from the latest draft (D6.0) to protect against unauthenticated authenticate or (re)associate frames dropping association.
* Internal X.509/TLSv1: Support SHA-256 in X.509 certificate digest | Jouni Malinen | 2008-08-16 | 1 | -0/+4
* Preparations for 0.6.4 release [hostap_0_6_4] | Jouni Malinen | 2008-08-10 | 1 | -1/+1
* Fixed opportunistic key caching (OKC) | Jouni Malinen | 2008-08-03 | 1 | -0/+1
  wpa_sm_set_config() can be called even if the network block does not change. However, the previous version ended up calling pmksa_cache_notify_reconfig() every time and this cleared the network context from PMKSA cache entries. This prevented OKC from ever being used. Do not call pmksa_cache_notify_reconfig() if the network context remains unchanged to allow OKC to be used.
* Fixed race condition between disassociation event and group key handshake | Jouni Malinen | 2008-06-09 | 1 | -0/+2
  This avoids getting stuck in state where wpa_supplicant has canceled scans, but the driver is actually in disassociated state. The previously used code that controlled scan timeout from WPA module is not really needed anymore (and has not been needed for past four years since authentication timeout was separated from scan request timeout), so this can simply be removed to resolve the race condition. As an extra bonus, this simplifies the interface to WPA module. [Bug 261]
* Combined internal LibTomMath configuration into one option | Jouni Malinen | 2008-06-06 | 1 | -0/+3
  CONFIG_INTERNAL_LIBTOMMATH_FAST=y in .config can now be used to enable all optimized routines at a cost of about 4 kB. This is small enough increase in size to justify simplified configuration.
* Internal TLS: Added support for parsing PKCS #8 formatted private keys | Jouni Malinen | 2008-06-02 | 1 | -0/+3
  The internal TLS implementation can now use both PKCS #1 RSA private key and PKCS #8 encapsulated RSA private key. PKCS #8 encrypted private key is not yet supported.
* Added fragmentation support for EAP-TNC | Jouni Malinen | 2008-05-26 | 1 | -0/+1
* Fixed fallback to full handshake when server rejects PAC-Opaque | Jouni Malinen | 2008-04-15 | 1 | -0/+2
  The TLS client changes in ssl3_get_server_hello() were based on the pre-RFC 5077 version of OpenSSL and they hardcoded s->hit to 1 in case PAC-Opaque was used. This prevented fallback to full TLS handshake in case the server rejected PAC-Opaque in ClientHello. The fixed version simplifies ssl3_get_server_hello() and uses the new RFC 5077 functionality in OpenSSL (ssl3_check_finished) to allow the state machine to handle start of abbreviated handshake based on the used ticket.
* EAP-PEAP: Fixed interop issues in key derivation with cryptobinding | Jouni Malinen | 2008-03-19 | 1 | -0/+1
  It looks like Microsoft implementation does not match with their specification as far as PRF+ label usage is concerned. IPMK|CMK is derived without null termination on the label, but the label for CSK derivation must be null terminated. This allows cryptobinding to be used with PEAPv0 in a way that interoperates with Windows XP SP3 (RC2) and as such, this functionality is now enabled as an optional addition to PEAPv0.
* Add support for PS3 Linux wireless driver | Masakazu Mokuno | 2008-03-13 | 1 | -0/+1
  This adds support for PS3 wireless to wpa_supplicant. Although PS3 wireless driver is designed to conform the WEXT standard as much as possible, unfortunately the wext driver wrapper of wpa_supplicant can not support PS3 wireless fully because:
  - PS3 wireless driver uses private WEXT ioctls for accepting PSK of WPA-Personal from the userland. WEXT does not specify the way to do it.
  - The association and 4-way handshake are done by PS3 virtual wireless device. The guest OSes can not interfere it.
  - No EAPOL frames are allowed to go outside of the hypervisor/firmware nor come from. They are eaten by the firmware.
  Thus I needed to make a new driver wrapper for PS3 wireless. This patch can be applied against the latest 0.6.x tree.
  Signed-off-by: Masakazu Mokuno <mokuno@sm.sony.co.jp>
* TNC: Added support for using TNC with EAP-FAST | Jouni Malinen | 2008-03-09 | 1 | -0/+1
* EAP-FAST: Cleaned up TLV processing and added support for EAP Sequences | Jouni Malinen | 2008-02-28 | 1 | -0/+3
  Number of TLVs were processed in groups and these cases were now separated into more flexible processing of one TLV at the time. wpabuf_concat() function was added to make it easier to concatenate TLVs. EAP Sequences are now supported in both server and peer code, but the server side is not enabled by default.
* Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release | Jouni Malinen | 2008-02-28 | 1 | -0/+1089